CertFindCertificateInStore fails to load self-signed certificates generated on different machine

Question

I'm trying to load a self-signed certificate generated on a different host and imported to my machine. Cert has been imported and shows up in mmc correctly. But CertFindCertificateInStore fails to load, when searched through SHA1 thumbprint.

Here's code:

const LPWSTR    certThumbprint   = L"2af92932d0164f52b20b1ccfdf0e1e4d525fbc08";

CryptStringToBinary(certThumbprint, SHA1_HASH_STRING_LENGTH,  CRYPT_STRING_HEXRAW,    NULL, &dwHashDataLength, NULL,NULL);

pHashData = new BYTE[dwHashDataLength];

CryptStringToBinary(certThumbprint,SHA1_HASH_STRING_LENGTH,CRYPT_STRING_HEXRAW,pHashData,&dwHashDataLength,NULL, NULL);

hashBlob.cbData = dwHashDataLength;
hashBlob.pbData = pHashData;

if ( !(pCertContext = CertFindCertificateInStore(
    hSystemCertStore,
    X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
    0,
    CERT_FIND_SHA1_HASH,
    &hashBlob,
    NULL)))
{
    printf("\n finding cert in system store failed: %d \n", GetLastError());
    exit(-1);
}

Can you show where you get `hSystemCertStore`? Which store in particular did you import the certificate into? It's not hard to get confused between the different stores. For what it's worth, we are doing the same thing without any trouble, only we are searching on the Subject Key Identifier. — Anthony, Apr 21 '14 at 20:59

CertFindCertificateInStore fails to load self-signed certificates generated on different machine

0 Answers0